This article applies to:

• MailMarshal SEG 8.0 and above

Question:

• How do I set the length of DKIM keys generated by SEG? 

Procedure:

By default, SEG generates 2048 bit RSA keys for DKIM.

In SEG 8.2 and above, you can select the size each time you create a key (1024, 2048, or 4096 bits).

In SEG 8.0 and 8.1, you can change the size generated by setting a Registry value.

To set the value:

1. On the SEG Array Manager server, run Regedit.
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Manager
3. Create a new DWORD value (REG_DWORD)
   • Name: DKIMKeySize
   • Value: the key size in kilobits (for example, to create 1024 bit keys enter 1)
4. Restart the Array Manager service

Notes:

• The default length was based on a survey of key lengths in use by major domains and providers.